Vulnerability Details CVE-2024-21920
A memory buffer vulnerability in Rockwell Automation Arena Simulation could potentially let a threat actor read beyond the intended memory boundaries. This could reveal sensitive information and even cause the application to crash, resulting in a denial-of-service condition. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.2%
CVSS Severity
CVSS v3 Score 4.4
References
Products affected by CVE-2024-21920
-
cpe:2.3:a:rockwellautomation:arena:16.00.00
-
cpe:2.3:a:rockwellautomation:arena:16.00.01
-
cpe:2.3:a:rockwellautomation:arena:16.10.00
-
cpe:2.3:a:rockwellautomation:arena:16.20.00
-
cpe:2.3:a:rockwellautomation:arena:16.20.01
-
cpe:2.3:a:rockwellautomation:arena:16.20.02
-
cpe:2.3:a:rockwellautomation:arena:16.20.03
-
cpe:2.3:a:rockwellautomation:arena:16.20.04
-
cpe:2.3:a:rockwellautomation:arena:16.20.05
-
cpe:2.3:a:rockwellautomation:arena:16.20.06
-
cpe:2.3:a:rockwellautomation:arena:16.20.07
-
cpe:2.3:a:rockwellautomation:arena:16.20.08
-
cpe:2.3:a:rockwellautomation:arena:16.20.09